AAL2QADecryptQABlob
  • 22 Jan 2025

Function prototype

aat_int32 AAL2QADecryptQABlob (
                               TDigipassBlob      DPData,
                               TKernelParms*      CallParms,
                               aat_ascii*         Challenge,
                               aat_ascii*         aEncryptedQABlob,
                               aat_ascii*         aQABlob,
                               aat_int32*         QABlobSize);

Description

This function decrypts the encrypted QA BLOB provided by the Java applet of the Digipass for Web architecture.

Score-based Digipass

For Digipass devices that integrate the score-based algorithm, Authentication Suite Server SDK performs a score-based authentication to decrypt the QA BLOB. This allows retrieving the Digipass scoring value. Once Authentication Suite Server SDK has successfully decrypted the QA BLOB, it returns either SUCCESS or SUCCESS with the relevant scoring warning code. See the list of return codes in Table: Return codes (AAL2QADecryptQABlob) for more details.

Parameters

  Table: Parameters (AAL2QADecryptQABlob)
Type | Name | Use | Description
TDigipassBlob * | DPData | I/O | Authenticator application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes.
TKernelParms * | KernelParms | I | List of formatted kernel parameters:

ParameterName1=Value1;ParameterName2=Value2;….

aat_ascii * | Challenge | I | Challenge for CR mode.
aat_ascii * | EncryptedQABlob | I | Encrypted QA BLOB format:

  • OTP
  • User ID:                  up to 32 chars
  • Idx1:                        02 chars
  • XHA1:                        30 chars
  • Idx2:                        02 chars
  • XHA2:                        30 chars
  • ...
  • Checksum:                 16 chars

aat_ascii * | QABLOB | O | BLOB resulting from the formatted answer hash:

  • User ID:                  32 chars
  • BLOB version:        02 chars
  • Hash number:           02 chars
  •                     |Index |02 chars
  •                     |Hash   |30 chars
  • Checksum:                 16 chars

aat_int32 | QABLOBSize | I/O | On input, this parameter must indicate the size of the buffer allocated for the QABlob parameter (recommended 359 bytes).

On output, this parameter indicates the length of the QABlob string (not counting the terminating null character).

Return codes

  Table:  Return codes (AAL2QADecryptQABlob)
Code | Meaning | Code | Meaning
0 | Success | 603 | Invalid Gordian stimulus information
10001 | Success with context warning* | 802 | Change password mandatory
10002 | Success with user warning* | 803 | New password too short
10003 | Success with user & context warning* | 804 | New password too long
10004 | Success with platform warning* | 1000 | Function does not support EMV-CAP
10005 | Success with platform & context warning* | 1025 | Buffer too small
10006 | Success with platform & user warning* | 1039 | Invalid response length with DP algorithm
10007 | Success with platform & user & context warning* | 1040 | Invalid host code length with DP algorithm
1 | Code not verified | 1103 | Unlock Version 2 not supported
2 | Static password validation failed | 1116 | Response check digit not allowed
131 | Missing required challenge | 1117 | Challenge check digit not allowed
140 | Challenge corrupted | 1118 | Unsupported BLOB
201 | Code replay attempt | -101 | Challenge too short
202 | Identification error threshold reached | -102 | Challenge too long
205 | Inactive days reached | -103 | Challenge check digit wrong
208 | Application disabled | -105 | Challenge minimum length not allowed
412 | Invalid checksum | -106 | Challenge maximum length not allowed
413 | Invalid Base64 format | -107 | Challenge number wrong
510 | Invalid Digipass data pointer | -108 | Challenge character invalid
530 | Invalid QA data pointer | -201 | Response length out of bounds
532 | Invalid QA data length | -202 | Response too short
535 | Invalid QA number | -203 | Response too long
536 | Invalid encrypted QA data | -204 | Response check digit wrong
600 | Invalid Gordian root information | -205 | Response character not decimal
601 | Invalid Gordian today information | -206 | Response character not hexadecimal
602 | Invalid Gordian tomorrow information | -207 | Response character set not specified

* Specific score-based authentication codes; for more information, refer to Score-based Digipass.
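
The warning codes 10001 to 10007 in the table above are 10000 plus a three-bit mask (context = 1, user = 2, platform = 4), so a caller can allow-list the success values and decode the warning in one step while failing closed on every other code, including the negative ones. The following is an added example, not OneSpan SDK code: the qa_* names and the tolerated-mask policy are assumptions, and int32_t stands in for aat_int32.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: every name here is hypothetical, not an SDK identifier.
   int32_t stands in for aat_int32 (assumed to be a 32-bit signed integer). */
enum {
    QA_WARN_CONTEXT  = 1 << 0,   /* 10001 */
    QA_WARN_USER     = 1 << 1,   /* 10002 */
    QA_WARN_PLATFORM = 1 << 2    /* 10004 */
};

typedef struct {
    bool     accepted;   /* true only for 0 and 10001..10007 */
    unsigned warnings;   /* OR of QA_WARN_* bits, 0 when none */
} qa_verdict;

/* Allow-list the success codes from the return-code table; every other
   value, including the negative ones, is treated as a failure. */
qa_verdict qa_classify(int32_t rc)
{
    qa_verdict v = { false, 0u };
    if (rc == 0) {
        v.accepted = true;
    } else if (rc >= 10001 && rc <= 10007) {
        v.accepted = true;
        v.warnings = (unsigned)(rc - 10000);   /* 10005 -> platform|context */
    }
    return v;
}

/* Application policy (assumption): accept only when every raised warning
   is in the tolerated mask; otherwise the caller should deny or step up. */
bool qa_allow(int32_t rc, unsigned tolerated)
{
    qa_verdict v = qa_classify(rc);
    return v.accepted && (v.warnings & ~tolerated) == 0u;
}

int main(void)
{
    const int32_t samples[] = { 0, 10005, 1, 201, 1025, -101 };  /* constructed */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        qa_verdict v = qa_classify(samples[i]);
        printf("%6d accepted=%d warnings=0x%x strict=%d\n", (int)samples[i],
               v.accepted, v.warnings, qa_allow(samples[i], 0u));
    }
    return 0;
}
```

Whatever the verdict, the DPData BLOB still has to be written back to the application database after the call, as the parameter table requires.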

